Views and RLS?
Hi all, I'm seeing "Unrestricted" on all of my views materialized and otherwise, they don't show up in the policy editor. I did lock them down and it still says unrestricted. Is this just a feature thing where it doesn't support views yet?
3 Replies
They are likely security definer (postgres default) views.
What does the error message detail say?
No errors at all
It just says unrestricted even after I limited it to authenticated
I meant the warning if you hover your mouse of restricted.
How are you limiting it to authenticated?
I'm sure the method they use is just "is it security definer?" warn the user. I doubt they examine grants or code in the view to decide if it is secure.
https://supabase.com/docs/guides/database/tables?queryGroups=language&language=swift#view-security
The little bit Supabase has on view security. Lots more on the web searching for Postgres.